John H. Robinson, IV wrote:
> Ya know - people used to think this. Then they learned that having encrypted (well, hashed) data out in the open was A Bad Thing. Now we have /etc/shadow.
But that was not encrypted. It was only trivially hashed.
> Encryption slows the bad guys down, it does not stop them. Better encryption slows them down further. The stronger the encryption, the more dedicated you need to be.
I can understand why you would repeat this mantra as a security professional and a purist, which I am all in favor of, but we have to be realistic and start saying things like "For all practical purposes..." at some point.
> When your laptop is stolen, do you know who stole it? Do you know how dedicated they are? Are you certain you did not inadvertently make the cryptographer's job easier by choosing a passphrase that weakens the algorithm? How do you know you did not?
No, but it is far more likely to be stolen by clueless hoods than by the feds or the Illuminati or some such group. In the highly unlikely event that a cryptographer ever looks at something I have encrypted, I use passphrases with high entropy and choose algorithms which are less vulnerable to that sort of thing.
> Today's toughest encryption is tomorrow's quaint algorithm. CPU power grows, and grows fast. Brute force attacks get easier. Attacks against algorithms get more sophisticated.
This is true to a point. But there has to come a point where we say "This crypto is the best I can do for now and it's better than nothing."
--
Tracy R Reed
http://ultraviolet.org
A: Because we read from top to bottom, left to right
Q: Why should I start my reply below the quoted text
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
